This copy is for your personal non-commercial use only. To order
presentation-ready copies of Toronto Star content for distribution
to colleagues, clients or customers, or inquire about
permissions/licensing, please go to: www.TorontoStarReprints.com

On Tuesday, WikiLeaks said documents it obtained reveal that the CIA targeted everyday gadgets such as smartphones and personal computers as part of a surveillance program.

WASHINGTON—WikiLeaks released thousands of documents on Tuesday that it said described sophisticated software tools used by the CIA to break into smartphones, computers and even Internet-connected televisions.

If the documents are authentic, as appeared likely at first review, the release would be the latest coup for the anti-secrecy organization and a serious blow to the CIA, which maintains its own hacking capabilities to be used for espionage.

The initial release, which WikiLeaks said was only the first part of the document collection, included 7,818 web pages with 943 attachments. The entire archive of CIA material consists of several hundred million lines of computer code, it said.

Among other disclosures that, if confirmed, would rock the technology world, the WikiLeaks release said the CIA and allied intelligence services had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”

The source of the documents was not named. WikiLeaks said the documents, which it called Vault 7, had been “circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

WikiLeaks said the source, in a statement, set out policy questions that “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.” The source, the group said, “wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”

WikiLeaks published thousands of documents on March 7 revealing scores of secrets about CIA hacking tools used to break into computers and cell phones. "It's just a rude awakening and for all of us," said cybersecurity expert Varun Badhwar.

The documents, from the CIA’s Center for Cyber Intelligence, are dated from 2013 to 2016 and WikiLeaks described them as “the largest ever publication of confidential documents on the agency.” One former intelligence officer who briefly reviewed the documents Tuesday said some of the code names for CIA programs, an organization chart and the description of a CIA hacking base appeared to be genuine.

A CIA spokesperson, Dean Boyd, said, “We do not comment on the authenticity or content of purported intelligence documents.”

WikiLeaks, which has sometimes been accused of recklessly leaking information that could do harm, said it had redacted names and other identifying information from the collection. It said it was not releasing the computer code for actual, usable cyberweapons “until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should be analyzed, disarmed and published.”

Some of the details of the CIA programs might have come from the plot of a spy novel for the cyberage, revealing numerous highly classified — and in some cases, exotic — hacking programs. One, code-named Weeping Angel, uses Samsung “smart” televisions as covert listening devices. According to the WikiLeaks news release, even when it appears to be turned off, the television “operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.”

The release said the program was developed in co-operation with British intelligence.

If CIA agents did manage to hack smart TVs, they would not be the only ones. Since their release, Internet-connected televisions have been a focus for hackers and cybersecurity experts, many of whom see the sets’ ability to record and transmit conversations as a potentially dangerous vulnerability.

In early 2015, Samsung appeared to acknowledge the televisions posed a risk to privacy. The fine print terms of service included with its smart TVs said the television sets could capture background conversations, which could then be passed onto third parties.

The company also provided a remarkably blunt warning: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.”

Get more of what matters in your inbox

Start your morning with everything you need to know, and nothing you don't. Sign up for First Up, the Star's new daily email newsletter.

Another program described in the documents, named Umbrage, is a voluminous library of cyberattack techniques that the CIA has collected from malware produced by other countries, including Russia. According to the WikiLeaks release, the large number of techniques allows the CIA to mask the origin of some of its cyberattacks and confuse forensic investigators.

Stephanie Carvin of the Norman Paterson School of International Affairs at Carleton University says Canadian material risks being exposed, since Canada and the U.S. are members of the five-country group of intelligence-sharing countries known as the “Five Eyes.”

Vulnerable Canadian secrets could include details on the tools and methods Canadian intelligence agencies use to conduct digital snooping.

“Because of the sharing between the Five Eyes, if Canada is using some of those tools, yes, our capabilities would be hurt as well,” Carvin said Tuesday.

“Secondly, if for some reason, they’ve been able to get access to some of our documents through Five Eyes sharing, then even some of our methods could be released as well. But we don’t know what they have.”

There was scant mention of Canada in the WikiLeaks files disclosed Tuesday, but one file suggests intelligence agencies took part in a summer 2015 workshop in Ottawa dubbed “Triclops.”

A memo associated with the event notes an apparent effort to remotely control an iPhone without the user knowing.

Assuming the release is authentic, it marks the latest in a series of huge leaks that have changed the landscape for government and corporate secrecy.

In scale, the Vault 7 archive appears to fall into the same category as the biggest leaks of classified information in recent years, including the quarter-million diplomatic cables taken by Chelsea Manning, the former U.S. army intelligence analyst, and given to WikiLeaks in 2010, and the hundreds of thousands of documents taken from the National Security Agency by Edward Snowden and given to journalists in 2013.

In the business world, the so-called Panama Papers and several other large-volume leaks have laid bare the details of secret offshore companies used by wealthy and corrupt people to hide their assets.

Both government and corporate leaks have been made possible by the ease of downloading, storing and transferring millions of documents in seconds or minutes, a sea change from the use of slow photocopying for some earlier leaks, including the Pentagon Papers in 1971.

The NSA and the military’s closely related Cyber Command have the most extensive capabilities for breaking into foreign communications and computer networks and, if required, destroying them. But the CIA maintains a parallel set of programs, mainly for gathering information.

A set of NSA hacking tools, evidently leaked from the agency or stolen in an electronic break-in, was put up for auction on the web last summer by a group calling itself the Shadow Brokers. Those tools were among the NSA’s arsenal for penetrating foreign computer networks. At first glance the Vault 7 programs appeared to be aimed at smaller, individual targets rather than large networks.

More from The Star & Partners

More News

Top Stories

Copyright owned or licensed by Toronto Star Newspapers Limited. All
rights reserved. Republication or distribution of this content is
expressly prohibited without the prior written consent of Toronto
Star Newspapers Limited and/or its licensors. To order copies of
Toronto Star articles, please go to: www.TorontoStarReprints.com